Threat Intelligence Database

Comprehensive database of the latest cyber threats affecting organizations worldwide. Filter and search to find specific threat intelligence relevant to your organization.

Pro Console Lifetime

Stop chasing alerts. Route them.

Start free, then upgrade once to turn Radar into an automated delivery engine for your security stack.

Custom feeds / Automations: email, Slack, webhooks, SIEM/MISP / API access (baseline limits)

View Plans & Pricing

API access activates after upgrading in Console -> Billing.

Breach by OffSeqOFFSEQFRIENDS — 25% OFF

Check if your credentials are on the dark web

Instant breach scanning across billions of leaked records. Free tier available.

Scan now

Filter Threats

Narrow down the results by type, severity, or affected countries

Type

Severity

Country

Tag

Time Range

Sort By

Active filters (2):Search: entry.py

Search Results: "entry.py"

Click on any threat for detailed analysis and mitigation recommendations


CVE-2026-7206: SQL Injection in dubydu sqlite-mcpCVE-2026-7206 0 CVE-2026-7206 is a medium severity SQL injection vulnerability in the dubydu sqlite-mcp product version 0.1.0. The flaw exists in the extract_to_json function within src/entry.py, where manipulation of the output_filename argument can lead to SQL injection. This vulnerability can be exploited remotely without authentication or user interaction. A patch identified by commit a5580cb992f4f6c308c9ffe6442b2e76709db548 has been released to fix the issue. No known exploits are reported in the wild at this time. MediumVulnerability#cve #cve-2026-7206 Join the discussion	CVE Database V5	04/28/2026, 00:45:12 UTC Added: 04/28/2026, 01:09:01 UTC
CVE-2025-66440: n/aCVE-2025-66440 0 An issue was discovered in Frappe ERPNext through 15.89.0. Function get_outstanding_reference_documents() at erpnext/accounts/doctype/payment_entry/payment_entry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the to_posting_date parameter, which is directly interpolated into the query without proper sanitization or parameter binding. CriticalVulnerabilityGermanyFranceUnited Kingdom+5#cve #cve-2025-66440 Join the discussion	CVE Database V5	12/15/2025, 00:00:00 UTC Added: 12/15/2025, 17:30:39 UTC
CVE-2025-66439: n/aCVE-2025-66439 0 An issue was discovered in Frappe ERPNext through 15.89.0. Function get_outstanding_reference_documents() at erpnext.accounts.doctype.payment_entry.payment_entry.py is vulnerable to SQL Injection. It allows an attacker to extract arbitrary data from the database by injecting SQL payloads via the from_posting_date parameter, which is directly interpolated into the query without proper sanitization or parameter binding. CriticalVulnerabilityGermanyFranceUnited Kingdom+5#cve #cve-2025-66439 Join the discussion	CVE Database V5	12/15/2025, 00:00:00 UTC Added: 12/15/2025, 17:30:39 UTC